[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: multi6-threats-00.txt vs. MIPv6 - different strength verifications?
On 3 nov 2003, at 17:44, Erik Nordmark wrote:
But, based on the MIPv6 model, one could also envision a weak but time
limited
verification that builds on some earlier verification (whether the
earlier
verification was weak or strong).
No, this is no good at all. In multihoming, when a line goes down it
may not come back up again. Ever.
For instance, if the peer shows that it knows a clear-text random
number
which was exchanged during the earlier verification, then it
might be reasonable to allow redirection to a new locator *for a
limited time*.
This is susceptible to a "man listening at the sidelines" attack.
That's a relatively common capability. However, we can do better than
this with by adding some hashing and gradual release of previously
secret information. This is only susceptible to actual man in the
middle attacks, but then so is everything else, as a MITM can always
blackhole traffic if nothing else.